PkgRadar

Go modules · proxy.golang.org

github.com/opendatahub-io/model-metadata-collection

Remote Payload, Credential file access

Why PkgRadar flagged v0.0.0-20260706140506-179dd47829ff

SeveritySignalEvidence
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20260706140506-179dd47829ffReview152026-07-08
v0.0.0-20260630145006-7f89aeaae161Low risk02026-07-02
v0.0.0-20260626190707-3fe637844e37Low risk02026-06-27
v0.0.0-20260626171929-e69b114a2ea4Low risk02026-06-27
v0.0.0-20260622180213-9966bd704114Low risk02026-06-23
v0.0.0-20260611125402-a38bdf7d6b59Low risk02026-06-12

Block this in CI

PkgRadar gates github.com/opendatahub-io/model-metadata-collection (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/opendatahub-io/[email protected]
github.com/opendatahub-io/model-metadata-collection — Go modules security scan | PkgRadar